Following is a step by step guide for those who are interested in trying out the HTTP/2 feature in tomcat9, Please correct me if anything is wrong.
Prerequisite: * JDK8: suppose you've already installed * tomcat 9.0.0.M1: Please download from https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M1/ (a release candidate which is calling for votes.) * openssl 1.0.2d: For Unix: 1) build from source code: wget https://www.openssl.org/source/openssl-1.0.2d.tar.gz tar -xf openssl-1.0.2d.tar.gz cd openssl-1.0.2d ./config -fPIC --prefix=/path/to/openssl/ make (sudo) make install For Mac OSX 1) build from source code: wget https://www.openssl.org/source/openssl-1.0.2d.tar.gz tar -xf openssl-1.0.2d.tar.gz cd openssl-1.0.2d ./Configure darwin64-x86_64-cc --prefix=/path/to/openssl shared make (sudo) make install 2) obtain from brew (recommended, but not tried yet) * apr 1.4.0+ (latest version is 1.5.2) build apr 1.5.2 from scratch if not installed: download source code from https://apr.apache.org/download.cgi tar -xf apr-1.5.2.tar.gz cd apr-1.5.2 ./configure make (sudo) make install * tomcat native 1.2.2 (require apr 1.4.0+) For Windows: please download the binary release from http://tomcat.apache.org/download-native.cgi or build from source code(not tried yet) For Unix/Mac OSX download the source code from: http://tomcat.apache.org/download-native.cgi tar -xf tomcat-native-1.2.2-src.tar.gz cd tomcat-native-1.2.2-src/native ./configure --with-apr=/path/to/apr --with-ssl=/path/to/openssl make (sudo) make install * Genearte self-signed certificate: /path/to/openssl req -x509 -newkey rsa:2048 -keyout /var/tmp/private-key.pem -out /var/tmp/cert.pem -days 365 (with passphrase: tomcat) Tomcat side configurations(APR connector) 1. configure setenv.sh CATALINA_OPTS="$CATALINA_OPTS -Djava.library.path=/path/to/your/tcnative/lib" 2. configure server.xml <Connector port="8443" protocol="org.apache.coyote.http11.Http11Nio2Protocol" maxThreads="150" SSLEnabled="true"> <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> <SSLHostConfig honorCipherOrder="false" > <Certificate certificateKeyFile="/var/tmp/private-key.pem" certificateFile="/var/tmp/cert.pem" certificateKeyPassword="tomcat" type="RSA" /> </SSLHostConfig> </Connector> 3. start tomcat 4. visit https://localhost:8443/examples/servlets/serverpush/simpleimage You should see the image if everything is all right. Tomcat side configurations(NIO/NIO2 connector, take NIO2 as an example) 1. configure server.xml <Connector port="8443" protocol="org.apache.coyote.http11.Http11Nio2Protocol" sslImplementationName="org.apache.tomcat.util.net.openssl.OpenSSLImplementation" maxThreads="150" SSLEnabled="true"> <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> <SSLHostConfig honorCipherOrder="false" > <Certificate certificateKeyFile="/var/tmp/private-key.pem" certificateFile="/var/tmp/cert.pem" certificateKeyPassword="tomcat" type="RSA" /> </SSLHostConfig> </Connector> 2. start tomcat 3. visit https://localhost:8443/examples/servlets/serverpush/simpleimage You should see the image if everything is all right. NOTES: * HTTP/2 is not supported for non-secured protocol currently. * HTTP/2 is not supported for JSSE implementation currently. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
